site logo

Building a platform for offensive security teams Bond icon

Smokescreen builds simple and intuitive solutions that enable companies to predict threats, detect attacks, and respond to breaches.

Dots icon
Wave icon

Projects

Smoke Screen

Industry

Fitness

Duration

10 months

Role

UX, Product
Triangle icon

Smokescreen builds simple and intuitive solutions that enable companies to predict threats, detect attacks, and respond to breaches. The Smokescreen products have helped security teams around the world detect threats where others have failed.

Before Smokescreen, the founding team ran high-end red team and breach readiness assessments for some of the world's largest companies, showing them how their security systems could be bypassed.

Light icon
Triangle iconHero background

The Project

Smokescreen wanted a full scale, phased revamp of their flagship product IllusionBLACK. This means the entire design architecture would undergo a redesign, both in terms of experience and visuals. The customers are financial institutions like banks, stock exchanges where data security is extremely important.

Smokescreen dashboard

Challenges

One of the strongest USP for Smokescreen was the fact that they run off a custom console, the box, instead of a remote server which is unlike any Of the projects I had ever worked on. And this essentially became the biggest challenge to tackle. It meant we only had one shot to make everything right, before it is shipped to customers. Any failure would mean a very expensive callback, of actual devices, from customers' premises.

This also brings another challenge, which is iterations.The tech products I had previously worked on werereleased in controlled phases, even the release demographics were controlled in some. This allowed us to keep a close watch on the usage, behaviours, detect small issues and deploy rapid iterations/fixes before any major problems occur. Even in case of a massive failure, this gives us the option to quickly rollback to a previous ‘version’ until we fix it.

With Smokescreen it was impossible. Not just because the software was shipped in a closed, self-contained device, but also the kind of customers they have. The primary customers were data-sensitive industries & the devices were installed at highly secure locations like banks and financial institutions. This is also the reason why we couldn't afford to risk making mistakes.

wireframetriangle icon

The Project

Smokescreen wanted a full scale, phased revamp of their flagship product IllusionBLACK. This means the entire design architecture would undergo a redesign, both in terms of experience and visuals. The customers are financial institutions like banks, stock exchanges where data security is extremely important.

visual image
visual image
visual image
visual image
visual image
visual image

The Project

Smokescreen wanted a full scale, phased revamp of their flagship product IllusionBLACK. This means the entire design architecture would undergo a redesign, both in terms of experience and visuals. The customers are financial institutions like banks, stock exchanges where data security is extremely important.

application image

Specialized environments such as SWIFT servers in banking.

The product needed to be a one-stop solution for targeted threats, lateral movement detection, web application attacks, malware-less attacks, social engineering, threat intelligence, and ransomware. The decoys are created for Internet Of Things (IOT) systems, supervisory control and data acquisition (SCADA), industrial control systems, as well as for specialised environments such as SWIFT servers in banking.

As you can see in the wireframes above, the user interface needed to let security teams visually reconstruct exactly what the attacker is doing in real-time.

Smokescreen SWIFT server wireframeTriangle icon

Final visual designs

Smokescreen visual design

Philosophy

Throughout the project we kept talking around a basic concept Of the fight between truth and evil. The visual designs needed to be bold and impactful to represent the simplified concept.

The way the product works, in theory, is pretty simple. The client has their sensitive data (documents, devices, emails etc) in their premises connected to the internet. That's the good part. The hackers know where to find them using their IP addresses and other means. Those are the bad guys (represented with bots).

What Smokescreen does is it creates bots which masquerade as those datapoints and stay online, mixed up with the real devices. When a hacker hits them thinking they're hitting the devices, they raise flags and run commands which perform complex, customised operations to ward off the predators. The wh01e process is pretty much a victory of good over evil.

"While deception has been around for a while, it was still mostly academic and experimental due to the complexity Of making it work at scale. But the idea stuck. We began hand-crafting digital traps for highly targeted organisations that could not afford a breach; places where Other defences had regularly been defeated. It worked — and how! They caught things that were invisible to 'state-of-the-art' products."

Smokescreen dashboard
Smokescreen attack illustrationTriangle icon
Smokescreen elementsSmokescreen product flow

Results

IllusionBLACK now protects some of the most highly-targeted organisations globally, including leading financial institutions, critical infrastructure, and Fortune 500 companies. For its innovative offering, Smokescreen recently bagged the NASSCOM- DSCI Excellence Award for Security Product Company of the Year, won the CISO Platform Top Indian Startup of the year, and has also been recognised by Gartner as a Cool Vendor in Artificial Intelligence.

Smokescreen application image

Customer retention

600%

Target icon

NPS Score

80%

Calendar icon

Revenues

NDA

ApnaPaisaVisuals

India’s largest loan distributor

ApnaPaisa’s reach spans over 30 years, 100 cities and thousands of happy customers.

Case study coming soon
ApnaPaisa project
PushEngageVisuals

15 Billion messages per month

PushEngage sends over 15 Billion Targeted Push Messages Each Month for 25,000+ Smart Business Owners.

Case study coming soon
PushEngage project
Light icon
homesuitcase